EAST Search History

Ref # | Hits | Search Query | DBs | Default Operator | Plurals | Time Stamp
L1 | 273 | ((DELLA-LIBERA near2 GIOVANNI) (GAJJALA near2 VIJAY) (JANCZUK near2 TOMASZ) (LAMBERT near2 JOHN)).in. | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/28 16:14
L2 | 2 | ((DELLA-LIBERA near2 GIOVANNI) (GAJJALA near2 VIJAY) (JANCZUK near2 TOMASZ) (LAMBERT near2 JOHN)).in. and (XPath).clm. | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/28 16:14
L3 | 9 | ((DELLA-LIBERA near2 GIOVANNI) (GAJJALA near2 VIJAY) (JANCZUK near2 TOMASZ) (LAMBERT near2 JOHN)).in. and (SOAP).clm. | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/28 16:15
L4 | 101 | microsoft.as. and (SOAP).clm. | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/28 16:15
L5 | 68 | microsoft.as. and (Xpath).clm. | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/28 16:15
L6 | 1 | microsoft.as. and (Xpath).clm. and (security).clm. | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/28 16:15
L7 | 15 | microsoft.as. and (SOAP).clm. and (security).clm. | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/28 16:15
S1 | 186 | 713/154.ccls. | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 13:21
S2 | 427 | 713/167.ccls. | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 13:23
S3 | 359 | 726/13.ccls. | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 13:24
S4 | 947 | S1 S2 S3 | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 13:24
S5 | 16 | S4 and (SOAP) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 13:25
S6 | 16 | S4 and (SOAP or ("Simple object access protocol")) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/28 16:12
S7 | 0 | S4 and (encrypt$4 with (message42)) near10 (pattern profile$2 filter$3) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 13:29
S8 | 0 | (encrypt$4 with (message42)) near10 (pattern profile$2 filter$3) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 13:29
S9 | 9 | S4 and (encrypt$4 with (message$2)) near10 (pattern profile$2 filter$3) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 13:34
S10 | 285 | (encrypt$4 with (message$2)) near10 (pattern profile$2 filter$3) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 13:34
S11 | 59 | (encrypt$4 with (message$2)) near10 (pattern profile$2 filter$3) and (xml soap) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 13:37
S12 | 305 | 726/21.ccls. | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 13:37
S13 | 691 | 726/1.ccls. | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 13:37
S14 | 1877 | S4 S12 S13 | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 13:37
S15 | 4 | S14 and (pattern$2 profil$2) with (polic$3) near2 (apply$2) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 13:39
S16 | 64 | S14 and (soap) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 13:44
S17 | 7 | S14 and (encrypt$4 decrypt$4) and (security adj policy) same (pattern$2 protocol$3) same (XML SOAP html) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 13:51
S18 | 528 | (encrypt$4 hash mac) with (message file packet) with (pattern$2) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 13:52
S19 | 0 | (encrypt$4 hash mac) with (message file packet) with (pattern$2) and (apply$2 with (secuirty adj (polic$3 rule$2))) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 13:54
S20 | 0 | (encrypt$4 hash mac) with (message file packet) with (pattern$2) and (appl$3 with (secuirty adj (polic$3 rule$2))) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 13:53
S21 | 0 | (encrypt$4 hash mac) with (message file packet) with (pattern$2) and ((apply$3 applie$2) with (secuirty adj (polic$3 rule$2))) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 13:53
S22 | 0 | (encrypt$4 hash mac) with (message file packet) and ((apply$3 applie$2) with (secuirty adj (polic$3 rule$2))) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 13:54
S23 | 0 | ((apply$3 applie$2) with (secuirty adj (polic$3 rule$2))) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 13:54
S24 | 7 | (encrypt$4 hash mac) with (message file packet) with (pattern$2) same (security adj policy) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 14:27
S25 | 4314 | (scope$2 with profil$3) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 14:27
S26 | 954 | (scope$2 near3 profil$3) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 14:27
S27 | 2 | (scope$2 near3 profil$3) same (encrypt$2) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 14:28
S28 | 42 | (scope$2 near3 profil$3) and (encrypt$2) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 14:28
S29 | 1 | (scope$2 near3 profil$3) same (SOAP XML HTML) and (encrypt$2) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 14:29
S30 | 6 | (scope$2 near3 profil$3) same (SOAP XML HTML) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 14:35
S31 | 2 | "6405212".pn. | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 14:35
S32 | 1595 | 707/9.ccls. and (scope$2) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 14:35
S33 | 701 | (security adj policy$2) same (encrypt$5) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 16:11
S34 | 196 | (security adj policy$2) same (encrypt$5) and (scope$3) and (profil$3) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 16:11
S35 | 126 | (security adj policy$2) same (encrypt$5) and (scope$3) and (profil$3) and (SOAP HTML XML) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 16:11
S36 | 82 | (security adj policy$2) same (encrypt$5) and (scope$3) and (profil$3) and (SOAP HTML XML) and (encrypt$4) near3 (message$2 packet$2) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 16:18
S37 | 146 | (security adj policy$2) same (encrypt$5) and (SOAP HTML XML) and (encrypt$4) near3 (message$2 packet$2) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 16:18
S38 | 3 | "7010681".pn. | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 16:18
S39 | 82 | (security adj policy$2) same (encrypt$5) and (SOAP HTML XML) and (encrypt$4) near3 (message$2 packet$2) and (SOAP) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/24 16:18
S40 | 45 | abrishamkar.xa. | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/26 13:04
S47 | 138 | (mapping$2) with (polic$2) with (storage$2 databas$3) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/28 13:32
S48 | 12 | (mapping$2) with (security adj (polic$2)) with (storage$2 databas$3) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/28 13:32
S49 | 7 | (US-7024662-$ or US-6405212-$ or US-6931532-$ or US-6807181-$ or US-6915338-$ or US-7010681-$ or US-7062566-$).did. | USPAT | OR | ON | 2007/08/28 14:18
S50 | 2 | S49 and soap | USPAT | OR | ON | 2007/08/28 14:18
S51 | 2 | S49 and soap | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/28 14:31
S52 | 81 | SOAP with (document message) with parse | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/28 14:32
S53 | 4 | SOAP with (document message) with parse same (security) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/28 14:32
S54 | 173 | SOAP same (polic$3) same (security) | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/28 14:33
S55 | 160 | SOAP same (polic$3) same (security) and XML | US-PGPUB; USPAT; USOCR; FPRS; EPO; JPO; DERWENT; IBM_TDB | OR | ON | 2007/08/28 14:33
#1 ( ( security<in>metadata ) <and> ( xml<in>metadata ) )<and> ( policy<in>metadata )

#2 ( ( soap<in>metadata ) <and> ( security<in>metadata ) )<and> ( policy<in>metadata )

#3 ( ( xpath<in>metadata ) <and> ( policy<in>metadata ) )

#4 ( ( xpath<in>metadata ) <and> ( policy<in>metadata ) )

#5 ( ( xpath<in>metadata ) <and> ( policy<in>metadata ) )
Results 1 - 20 of 200

Best 200 shown 

Applications of formal methods: Verifying policy-based security for web services 






Karthikeyan Bhargavan, Cedric Fournet, Andrew D. Gordon 

October 2004 Proceedings of the 11th ACM conference on Computer and communications security CCS '04
Publisher: ACM Press

Full text available: pdf(269.16 KB) Additional Information: full citation, abstract, references, citings, index terms



WS-SecurityPolicy is a declarative configuration language for driving web services security 
mechanisms. We describe a formal semantics for WS-SecurityPolicy, and propose a more 
abstract link language for specifying the security goals of web services and their clients. 
Hence, we present the architecture and implementation of fully automatic tools that (1) 
compile policy files from link specifications, and (2) verify by invoking a theorem prover 
whether a set of policy files run by any number o ... 



Keywords: XML security, pi calculus, web services 



Web services: An advisor for web services security policies

Karthikeyan Bhargavan, Cedric Fournet, Andrew D. Gordon, Greg O'Shea
November 2005 Proceedings of the 2005 workshop on Secure web services SWS '05

Publisher: ACM Press

Full text available: pdf(314.81 KB) Additional Information: full citation, abstract, references, index terms

We identify common security vulnerabilities found during security reviews of web services 
with policy-driven security. We describe the design of an advisor for web services security 
configurations, the first tool both to identify such vulnerabilities automatically and to offer 
remedial advice. We report on its implementation as a plugin for Microsoft Web Services
Enhancements (WSE).

Keywords: WS-security, XML security, policy-driven security, web services 




3 Service security: A concrete solution for web services adaptability using policies and aspects

Fabien Baligand, Valerie Monfort 

November 2004 Proceedings of the 2nd international conference on Service oriented 
computing ICSOC '04 




http://portal.acm.org/results.cfm?coll=ACM&dl=ACM&CFID=28106422&CFTOKEN=852... 8/28/07 



Results (page 1): soap, security, policy 
Publisher: ACM Press

Full text available: pdf Additional Information: full citation, abstract, references, citings, index terms, review

Traditional middleware is usually developed on monolithic and non-evolving entities, 
resulting in a lack of flexibility and interoperability. Among current architectures, Service
Oriented Architectures aim to easily develop more adaptable Information Systems. Most 
often, Web Service is the fitted technical solution which provides the required loose 
coupling to achieve such architectures. However there is still much to be done in order to 
obtain a genuinely flawless Web Service, and current ma ... 

Keywords: adaptability, aspect oriented programming, reusability, service, service 
oriented architecture, web service 



Security architecture: Towards secure SOAP message exchange in a SOA
Mohammad Ashiqur Rahaman, Andreas Schaad, Maarten Rits

November 2006 Proceedings of the 3rd ACM workshop on Secure web services SWS '06

Publisher: ACM Press

Full text available: pdf(375.32 KB) Additional Information: full citation, abstract, references, index terms

SOAP message exchange is one of the core services required for system integration in 
Service Oriented Architecture (SOA) environments. One key concern in a SOA is thus to 
provide Message Level Security (as opposed to point to point security). We observe that 
systems are communicating with each other in a SOA over SOAP messages, often without 
adequate protection against XML rewriting attacks. We have already provided a solution to 
protect the integrity of SOAP messages in earlier work [1]. This so ... 

Keywords: SOA, XML rewriting attack, SOAP account



Defeasible security policy composition for web services 
Adam J. Lee, Jodie P. Boyer, Lars E. Olson, Carl A. Gunter 

November 2006 Proceedings of the fourth ACM workshop on Formal methods in security FMSE '06

Publisher: ACM Press

Full text available: pdf(234.15 KB) Additional Information: full citation, abstract, references, index terms

The ability to automatically compose security policies created by multiple organizations is 
fundamental to the development of scalable security systems. The diversity of policies 
leads to conflicts and the need to resolve priorities between rules. In this paper we 
explore the concept of defeasible policy composition, wherein policies are represented in 
defeasible logic and composition is based on rules for non-monotonic inference. This 
enables policy writers to assert rules tentatively; w ... 

Keywords: defeasible logic, security policy composition, web services 



Fine grained access control for SOAP E-services

Ernesto Damiani, Sabrina De Capitani di Vimercati, Stefano Paraboschi, Pierangela Samarati
April 2001 Proceedings of the 10th international conference on World Wide Web WWW '01
Publisher: ACM Press

Full text available: pdf(258.34 KB) Additional Information: full citation, references, citings, index terms



Keywords: SOAP, XML, access control, certificates, roles



Web services: Web services enterprise security architecture: a case study
Carlos Gutierrez, Eduardo Fernandez-Medina, Mario Piattini

November 2005 Proceedings of the 2005 workshop on Secure web services SWS '05
Publisher: ACM Press

Full text available: pdf(341.82 KB) Additional Information: full citation, abstract, references, index terms

Web Services (WS hereafter) Security is a crucial aspect for technologies based on this
paradigm to be completely adopted by the industry. As a consequence, a lot of
initiatives have arisen during the last years setting as their main purpose the
standardization of the security factors related to this paradigm. In fact, over the past
years, the most important consortiums of Internet, like IETF, W3C or OASIS,
are producing a huge number of WS-based security standards. Desp ...

Keywords: security, software architecture, software development process, web services 



8 Web services: XML signature element wrapping attacks and countermeasures
Michael McIntosh, Paula Austel

November 2005 Proceedings of the 2005 workshop on Secure web services SWS '05
Publisher: ACM Press

Full text available: pdf(74.05 KB) Additional Information: full citation, abstract, references, citings, index terms

Naive use of XML Signature may result in signed documents remaining vulnerable to
undetected modification by an adversary. In the typical usage of XML Signature to protect
SOAP messages, an adversary may be capable of modifying valid messages in order to
gain unauthorized access to protected resources. This paper describes the general
vulnerability and several related exploits, and proposes appropriate countermeasures.
While the attacks described herein may seem obvious to security experts once they ...

Keywords: XML signature, attack, countermeasure, security policy, vulnerability, web 
services security 



Service oriented architectures: approaches, technologies and research issues
Mike P. Papazoglou, Willem-Jan Heuvel

July 2007 The VLDB Journal — The International Journal on Very Large Data Bases, Volume 16 Issue 3
Publisher: Springer-Verlag New York, Inc.
Additional Information: full citation, abstract, index terms

Service-oriented architectures (SOA) is an emerging approach that addresses the
requirements of loosely coupled, standards-based, and protocol-independent distributed
computing. Typically business operations running in an SOA comprise a number of
invocations of these different components, often in an event-driven or asynchronous
fashion that reflects the underlying business process needs. To build an SOA a highly
distributable communications and integration backbone is required. This functio ...

Keywords: Application and service integration, Asynchronous and event-driven
processing, Enterprise bus, Service oriented architecture, Web services
November 2005 Proceedings of the 3rd international workshop on Middleware for
pervasive and ad-hoc computing MPAC '05

Publisher: ACM Press

Full text available: pdf(479.82 KB) Additional Information: full citation, abstract, references, index terms

This paper outlines the benefits of adopting service-oriented architectures at the level of 
communications between resource-constrained embedded devices. It focuses on the 
usage of the Devices Profile for Web Services as the underpinning of such architectures 
for "smart" devices and discusses an early implementation thereof. It further illustrates 
how "dumb" or "legacy" devices can be integrated using a gatewaying approach. 

Keywords: communication infrastructure, device networking, service-oriented 
architecture, web service 
November 2002 Proceedings of the 2002 ACM workshop on XML security XMLSEC '02
Publisher: ACM Press

Full text available: pdf d 98.65 KB ) Additional Information: full citation, abstract, references, citings, index terms

Security is currently one of the main concerns about XML Web services. Several Initiatives
are currently ongoing aimed at achieving a standardized way for supporting integrity,
confidentiality, and access control for XML Web services. This paper looks into these 
approaches and gives some hints for future research. 

Keywords: SOAP, Web services, access control 



12 Specifying conflict of interest assertions in WS-policy with Chinese wall security policy

Patrick C. K. Hung, Guang-Sha Qiu
March 2003 ACM SIGecom Exchanges, volume 4 issue 1

Publisher: ACM Press

Full text available: pdf(270.12 KB) Additional Information: full citation, abstract, references, index terms

A Web service is defined as an autonomous unit of application logic that provides either 
some business functionality or information to other applications through an Internet 
connection. Web services are based on a set of XML standards such as Simple Object 
Access Protocol (SOAP), Universal Description, Discovery and Integration (UDDI) and Web 
Services Description Language (WSDL). The benefits of adopting Web services over 
traditional business-to-business applications include faster time to produ ... 

Keywords: Chinese wall security policy, WS-policy, WS-policy attachment, conflict of 
interest, delegation, matchmaking, security assertion, security policy, service locators 
May 2005 ACM Transactions on Information and System Security (TISSEC), volume 8
Publisher: ACM Press

Full text available: pdf(1.60 MB) Additional Information: full citation, abstract, references, citings, index

Modern day enterprises exhibit a growing trend toward adoption of enterprise computing
services for efficient resource utilization, scalability, and flexibility. These environments
are characterized by heterogeneous, distributed computing systems exchanging enormous 
volumes of time-critical data with varying levels of access control in a dynamic business 
environment. The enterprises are thus faced with significant challenges as they endeavor 
to achieve their primary goals, and simultaneously ens ... 

Keywords: XML, role-based access control, secure enterprises 



An Access Control Model for Web Services in Business Process
Peng Liu, Zhong Chen

September 2004 Proceedings of the 2004 IEEE/WIC/ACM International Conference on
Web Intelligence WI '04

Publisher: IEEE Computer Society

Full text available: pdf, Publisher Site
Additional Information: full citation, abstract

Business process describes a set of services that span enterprise boundaries and are 
provided by enterprises that see each other as partners. Web services is widely accepted 
and adopted to construct business process. Web services are built in exposed 
environment and open to security threats. When a web service contained in a business 
process is authorized to illegal users, it will cause economic loss of the service provider. 
Although there exist some standards for security of Web services and ac ... 

15 Session 2: secure Web services: Validating a Web service security abstraction by typing

Andrew D. Gordon, Riccardo Pucella

November 2002 Proceedings of the 2002 ACM workshop on XML security XMLSEC '02
Publisher: ACM Press

Full text available: pdf(210.31 KB) Additional Information: full citation, abstract, references, citings, index terms

An XML web service is, to a first approximation, an RPC service in which requests and 
responses are encoded in XML as SOAP envelopes, and transported over HTTP. We 
consider the problem of authenticating requests and responses at the SOAP-level, rather 
than relying on transport-level security. We propose a security abstraction, inspired by 
earlier work on secure RPC, in which the methods exported by a web service are 
annotated with one of three security levels: none, authenticated, or both authen ... 

Keywords: Web services, authentication, remote procedure call, type systems 
May 2006 Proceedings of the 15th international conference on World Wide Web
Publisher: ACM Press

Full text available: pdf(357.06 KB) Additional Information: full citation, abstract, references, cited by, index terms

Service Oriented Computing is emerging as the main approach to build distributed 
enterprise applications on the Web. The widespread use of Web services is hindered by 
the lack of adequate security and privacy support. In this paper, we present a novel 
framework for enforcing access control in conversation-based Web services. Our approach 
takes into account the conversational nature of Web services. This is in contrast with 
existing approaches to access control enforcement that assume a Web servi ...
Keywords: access control, conversations, transition systems, web services 
web

JinKyu Lee, Shambhu J. Upadhyaya, H. Raghav Rao, Raj Sharman
December 2005 Communications of the ACM, volume 48 issue 12

Publisher: ACM Press

Full text available: pdf, html (27.79 KB) Additional Information: full citation, abstract, references, index terms

Strengthening security within the domain of shared knowledge is a critical issue, and 
great challenge, to businesses today. A number of different protocols currently available 
offer an array of benefits and limitations. 

Trust management: Automatic web services composition in trustaware communities
Fahima Cheikh, Giuseppe De Giacomo, Massimo Mecella

November 2006 Proceedings of the 3rd ACM workshop on Secure web services SWS '06

Publisher: ACM Press

Full text available: pdf(244.63 KB) Additional Information: full citation, abstract, references, index terms

The promise of Web Service Computing is to utilize Web services as fundamental elements
for realizing distributed applications/solutions. In particular, when no available service can 
satisfy client request, (parts of) available services can be composed and orchestrated in 
order to satisfy such a request. In this paper, we address the automatic composition when 
component services have access control & authorization constraints, and impose further 
reputation constraints on other component services. ... 

Keywords: access control, composition, trust, web services 
Diala Abi Haidar, Nora Cuppens-Boulahia, Frederic Cuppens, Herve Debar
November 2006 Proceedings of the 3rd ACM workshop on Secure web services SWS '06

Publisher: ACM Press

Full text available: pdf(493.76 KB) Additional Information: full citation, abstract, references, index terms

Nowadays many organizations use security policies to control access to sensitive 
resources. Moreover, exchanging or sharing services and resources is essential for these 
organizations to achieve their business objectives. Since the extensible Access Control 
Markup Language (XACML) was standardized by the OASIS community, it has been widely 
deployed, making it easier to interoperate with other applications using the same 
standard language. The OASIS has defined an RBAC profile of XACML that illus ... 

Keywords: OrBAC, RBAC, XACML, access control 
Publisher: ACM Press

Full text available: pdf(333.14 KB) Additional Information: full citation, abstract, references, index terms

Despite recent advances in trust relationship control mechanisms, issues remain that
impede the development of effective trust models. One of these is the lack of dynamic 
mechanisms that can simultaneously achieve both privacy and efficiency when 
establishing a new trust relationship. Current techniques encourage the client to reveal 
more attributes than may be required by the web service (resulting in a lack of privacy) 
or else engage in negotiation with the web service to discover and then ser ... 

Keywords: dynamic trust establishment, privacy, security token, web service 
On specifying security policies for web documents with an XML-based language
Elisa Bertino, Silvana Castano, Elena Ferrari

May 2001 Proceedings of the sixth ACM symposium on Access control models and
technologies SACMAT '01

Publisher: ACM Press

Full text available: pdf(290.20 KB) Additional Information: full citation, abstract, references, citings, index terms

The rapid growth of the Web and the ease with which data can be accessed facilitate the 
distribution and sharing of information. Information dissemination often takes the form of 
documents that are made available at Web servers, or that are actively broadcasted by 
Web servers to interested clients. In this paper, we present an XML-compliant formalism 
for specifying security-related information for Web document protection. In particular, we 
introduce X-Sec, an XML-based lang ...

Keywords: XML, access control, security policies, subject credentials 



2 Managing security policies in a distributed environment using extensible markup language (XML)
Nathan N. Vuong, Geoffrey S. Smith, Yi Deng

March 2001 Proceedings of the 2001 ACM symposium on Applied computing SAC '01

Publisher: ACM Press

Full text available: pdf(206.91 KB) Additional Information: full citation, references, citings, index terms

Keywords: Java, RBAC, XML, distributed authorization, managing security policies, meta-language



Web services: An advisor for web services security policies

Karthikeyan Bhargavan, Cedric Fournet, Andrew D. Gordon, Greg O'Shea

November 2005 Proceedings of the 2005 workshop on Secure web services SWS '05

Publisher: ACM Press

We identify common security vulnerabilities found during security reviews of web services
with policy-driven security. We describe the design of an advisor for web services security
configurations, the first tool both to identify such vulnerabilities automatically and to offer
remedial advice. We report on its implementation as a plugin for Microsoft Web Services
Enhancements (WSE).

Keywords: WS-security, XML security, policy-driven security, web services 



Research sessions: security and privacy: Secure XML querying with security views
Wenfei Fan, Chee-Yong Chan, Minos Garofalakis

June 2004 Proceedings of the 2004 ACM SIGMOD international conference on
Management of data SIGMOD '04

Publisher: ACM Press

Full text available: pdf(229.47 KB) Additional Information: full citation, abstract, references, citings

The prevalent use of XML highlights the need for a generic, flexible access-control
mechanism for XML documents that supports efficient and secure query access, without
revealing sensitive information to unauthorized users. This paper introduces a novel
paradigm for specifying XML security constraints and investigates the enforcement of such 
constraints during XML query evaluation. Our approach is based on the novel concept of 
security views, which provide for each user group (a) an XML view ... 

5 X-GTRBAC: an XML-based policy specification framework and architecture for enterprise-wide access control

Rafae Bhatti, Arif Ghafoor, Elisa Bertino, James B. D. Joshi

May 2005 ACM Transactions on Information and System Security (TISSEC), volume 8 issue 2

Publisher: ACM Press

Full text available: pdf(1.60 MB) Additional Information: full citation, abstract, references, citings, index terms

Modern day enterprises exhibit a growing trend toward adoption of enterprise computing 
services for efficient resource utilization, scalability, and flexibility. These environments 
are characterized by heterogeneous, distributed computing systems exchanging enormous 
volumes of time-critical data with varying levels of access control in a dynamic business 
environment. The enterprises are thus faced with significant challenges as they endeavor 
to achieve their primary goals, and simultaneously ens ... 

Keywords: XML, role-based access control, secure enterprises

Michiharu Kudo, Satoshi Hada

November 2000 Proceedings of the 7th ACM conference on Computer and 
communications security CCS '00 

Publisher: ACM Press 

Full text available: pdf (456.68 KB) Additional Information: full citation, references, citings, index terms




Keywords: XML, access control, provisional authorization, security transcoding

October 2004 Proceedings of the 11th ACM conference on Computer and

WS-SecurityPolicy is a declarative configuration language for driving web services security
mechanisms. We describe a formal semantics for WS-SecurityPolicy, and propose a more
abstract link language for specifying the security goals of web services and their clients. 
Hence, we present the architecture and implementation of fully automatic tools that (1) 
compile policy files from link specifications, and (2) verify by invoking a theorem prover 
whether a set of policy files run by any number o ... 

Keywords: XML security, pi calculus, web services 



8 XML security: Concept-level access control for the Semantic Web
Li Qin, Vijayalakshmi Atluri
October 2003 Proceedings of the 2003 ACM workshop on XML security XMLSEC '03
Publisher: ACM Press

Full text available: pdf (320.46 KB) Additional Information: full citation, abstract, references, citings, index terms

Recently, the notion of the Semantic Web has been introduced to define a machine- 
interpretable web targeted for automation, integration and reuse of data across different 
applications. Under the Semantic Web, web pages are annotated by concepts that are 
formally defined in ontologies along with the relationships among them. As information 
pertaining to different concepts has varying access control requirements, in this paper, we 
propose an access control model for the semantic web that is capabi ... 

Keywords: Semantic Web, access control, concept, ontology, propagation

Namje Park, Kiyoung Moon, Sungwon Sohn

October 2003 Proceedings of the 2003 ACM workshop on XML security XMLSEC '03 
Publisher: ACM Press 

Full text available: pdf (7.01 MB) Additional Information: full citation, abstract, references, index terms

A computational grid is a hardware and software infrastructure capable of providing 
dependable, consistent, pervasive, and inexpensive access to high-end computational 
resource. There are many ways to access the resources of a computational grid, each with 
unique security requirements and implications for both the resource user and the resource 
provider. Current Grid security Infrastructure using PKI based on SSO. But open grid 
service Security Infrastructure in Global Grid Forum(GGF) will exten ... 

Keywords: GSI, XKMS, XML, XML security, certificate validation, grid, key management,
security

Publisher: ACM Press

We investigate a generalization of the notion of XML security view introduced by Stoica
and Farkas [17] and later refined by Fan et al. [8]. The model consists of access control
policies specified over DTDs with XPath expression for data-dependent access control
policies. We provide the notion of security views for characterizing information accessible 
to authorized users. This is a transformed (sanitized) DTD schema that can be used by 
users for query formulation and optimization. Then w ... 

Keywords: XML access control, XML views, XPath 



Research session 3: security and privacy: Security analysis of cryptographically
controlled access to XML documents
Martin Abadi, Bogdan Warinschi
symposium on Principles of database systems PODS '05
Publisher: ACM Press

Full text available: pdf (180.71 KB) Additional Information: full citation, abstract, references, citings

Some promising recent schemes for XML access control employ encryption for 
implementing security policies on published data, avoiding data duplication. In this paper 
we study one such scheme, due to Miklau and Suciu. That scheme was introduced with 
some intuitive explanations and goals, but without precise definitions and guarantees for 
the use of cryptography (specifically, symmetric encryption and secret sharing). We 
bridge this gap in the present work. We analyze the scheme in the context of ...

12 Secure and selective dissemination of XML documents 
Elisa Bertino, Elena Ferrari 

August 2002 ACM Transactions on Information and System Security (TISSEC), volume 5 Issue 3

Publisher: ACM Press

Full text available: pdf (678.34 KB) Additional Information: full citation, abstract, references, citings, index terms

XML (eXtensible Markup Language) has emerged as a prevalent standard for document
representation and exchange on the Web. It is often the case that XML documents contain 
information of different sensitivity degrees that must be selectively shared by (possibly 
large) user communities. There is thus the need for models and mechanisms enabling the 
specification and enforcement of access control policies for XML documents. Mechanisms 
are also required enabling a secure and selective dissemina ... 

Keywords: Access control, XML, secure distribution

Security is currently one of the main concerns about XML Web services. Several initiatives
are currently ongoing aimed at achieving a standardized way for supporting integrity, 
confidentiality, and access control for XML Web services. This paper looks into these 
approaches and gives some hints for future research. 

Keywords: SOAP, Web services, access control

federated healthcare databases (or RHIOs)
Rafae Bhatti, Khalid Moidu, Arif Ghafoor 

November 2006 Proceedings of the international workshop on Healthcare information 
and knowledge management HIKM '06 

Publisher: ACM Press 

Full text available: pdf (329.06 KB) Additional Information: full citation, abstract, references, index terms

The role of security management in the RHIOs has recently gained increasing attention 
due to strict privacy and disclosure rules, and federal regulations such as HIPAA. The 
envisioned use of electronic health care records in such systems involves pervasive and 
ubiquitous access to healthcare information from anywhere outside of traditional hospital 
boundaries which puts increasing demands on the underlying security mechanisms. In 
this paper, we have designed a context-aware policy-based system t ... 

Keywords: federated healthcare architecture, privacy and disclosure policy, role based
access control

A Web service is defined as an autonomous unit of application logic that provides either
some business functionality or information to other applications through an Internet 
connection. Web services are based on a set of XML standards such as Simple Object 
Access Protocol (SOAP), Universal Description, Discovery and Integration (UDDI) and Web 
Services Description Language (WSDL). The benefits of adopting Web services over 
traditional business-to-business applications include faster time to produ ... 

Keywords: Chinese wall security policy, WS-policy, WS-policy attachment, conflict of
interest, delegation, matchmaking, security assertion, security policy, service locators

Publisher: ACM Press

This paper proposes an infrastructure and related algorithms for the controlled and
cooperative updates of XML documents. Key components of the proposed system are a 
set of XML-based languages for specifying access-control policies and the path that the 
document must follow during its update. Such path can be fully specified before the 
update process begins or can be dynamically modified by properly authorized subjects 
while being transmitted. Our approach is fully distributed in that eac ... 

Keywords: Byzantine and distributed systems, XML documents, policy languages, 
updates 



Technical poster session 3: multimedia tools, end-systems, and applications:
SMARXO: towards secured multimedia applications by adopting RBAC, XML and
object-relational database

Shu-Ching Chen, Mei-Ling Shyu, Na Zhao 

October 2004 Proceedings of the 12th annual ACM international conference on 
Multimedia MULTIMEDIA '04 

Publisher: ACM Press

In this paper, a framework named SMARXO is proposed to address the security issues in
multimedia applications by adopting RBAC (Role-Based Access Control), XML, and Object- 
Relational Databases. Compared with the other existing security models or projects, 
SMARXO can deal with more intricate situations. First, the image object-level security and 
video scene/shot-level security can be easily achieved. Second, the temporal constrains 
and IP address restrictions are modeled for the access control ... 

Keywords: XML, multimedia security, object-relational databases, role-based access
control (RBAC)

Full text available: pdf (495.08 KB) Additional Information: full citation, abstract, references, index terms

Access control policies for XML typically use regular path expressions such as XPath for 
specifying the objects for access-control policies. However such access-control policies are 
burdens to the query engines for XML documents. To relieve this burden, we introduce 
static analysis for XML access-control. Given an access-control policy, query expression, 
and an optional schema, static analysis determines if this query expression is guaranteed 
not to access elements or attributes that are hidden ... 

Keywords: Access control, XML, XPath, XQuery, automaton, query optimization, schema,
static analysis, value-based access control, view schema

Naive use of XML Signature may result in signed documents remaining vulnerable to
undetected modification by an adversary. In the typical usage of XML Signature to protect
SOAP messages, an adversary may be capable of modifying valid messages in order to
gain unauthorized access to protected resources. This paper describes the general
vulnerability and several related exploits, and proposes appropriate countermeasures.
While the attacks described herein may seem obvious to security experts once they ...

Keywords: XML signature, attack, countermeasure, security policy, vulnerability, web 
services security 



20 Research sessions: Research 4: Security & privacy: Efficient secure query evaluation
over encrypted XML databases
Hui Wang, Laks V. S. Lakshmanan



September 2006 Proceedings of the 32nd international conference on Very large data 
bases VLDB '06 

Publisher: VLDB Endowment

Motivated by the "database-as-service" paradigm wherein data owned by a client is
hosted on a third-party server, there is significant interest in secure query evaluation over
encrypted databases. We consider this problem for XML databases. We consider an attack
their occurrence frequencies, and we wish to protect sensitive structural information as
well as value associations. We capture such security requirements u ...